Use iptables to block DNS query for a domain name - Code World

Use iptables to block DNS query for a domain name

Enterprise 2020-01-04 00:19:49 views: null

Now there is a demand, it is necessary to prohibit the host DNS query for a domain name, think of using iptables string module, use the following command:

iptables -D OUTPUT -m string --string "www.baidu.com" --algo bm -j
DROP

However, the above command does not filter the query to the www.baidu.com. According to the reference link in the document, www.baidu.com in the DNS query will be coded as follows:

03www05baidu03com

When encoding domain of each dot is divided into sub-strings (www, baidu and com) "." Not coded, preceding each substring of string length. Here is the capture of DNS queries:
Use iptables to block DNS query for a domain name
string www.baidu.com is encoded in hexadecimal:

03 77 77 77 05 62 61 69 64 75 03 63 6f 6d

77 is w ascii code, the control may be ascii characters remaining query. 777777 03 is in front of the three of the string length www.
The reference links, hexadecimal string iptables string module may be used to filter

iptables -A OUTPUT -p udp --dport 53 -m string --hex-string "|03|www|05|baidu|03|com|" --algo bm -j DROP

iptables automatically

|03|www|05|baidu|03|com|

Converted to hexadecimal.
Reference links:
https://linuxsecurity101.com/2018/11/18/tips-and-tricks-blocking-dns-requests-via-iptables/

Guess you like

Origin blog.51cto.com/penguintux/2463999

Use iptables to block DNS query for a domain name

About the command to query the domain name in the DNS service

Command to query DNS TXT record of domain name under Windows

Domain Name System (DNS)

DNS(Domain Name System)

DNS：domain name server

DNS domain name configuration

Domain Name System (DNS)

Seems to be no use of a domain name query verification system source code, domain name query using genuine source

Use c-ares for DNS domain name resolution

Use nginx to reverse a domain name. After the domain name dns is changed, nginx returns 504

Use nginx to reverse a domain name. After the domain name dns is changed, nginx returns 504

EOS Cafe Block launched EOS DNS to the center of the Domain Name System (2)

DNS Domain Name System Introduction

Linux DNS Domain Name Service

DNS domain name analytic separation

DNS Domain Name System service

DNS domain name to collect information

DNS domain name resolution process

DNS - Domain name resolution process

linux shell dig nslookup specify DNS server to query domain name resolution

Dns DNS domain name resolution process Detailed

DNS domain name hijacking, domain pollution

Website domain name query address-domain name owner query

Bulk domain name query script

Use dig DNS query

centos7 use bind dns server set up domain name

009-DNS Domain Name System

Round Robin DNS domain name service monitoring

Dns domain name hijacking prevention and resolution

Recommended

Ranking

#2019110700005

What materials and procedures are required for patent transfer

What is the blockchain Ethereum triplet state root transaction root receipt root

Front-end study notes 04 --- About the insertion of html pictures and videos

Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries

2017 Qingdao-site tournament I The Squared Mosquito Coil

[BZOJ3165][HEOI2013]Segment (line segment tree without marking)

Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju

The latest tutorial on making framework for iOS

DAX Section 6: Statistical Functions

Daily

More

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)